68 matches found
PT-2022-26440 · Generex · Generex Cs141
Name of the Vulnerable Software and Affected Versions: Generex CS141 versions 2.08 through 2.10 Description: The issue allows remote command execution by administrators via a web interface that reaches run update in /usr/bin/gxserve-update.sh. This can occur, for example, via a reverse shell...
CVE-2022-42457
Generex CS141 (UPS Adapter) has a remote code execution in versions up to 2.10 via the web interface calling run_update in /usr/bin/gxserve-update.sh, which extracts and executes install.sh from a tarball (untested tarball payload). Public evidence across multiple sources (RH advisory, CNVD, CNNV...
UPS Adapter CS141 Path Traversal Vulnerability
GENEREX UPS Adapter CS141 is a UPS Uninterruptible Power System adapter from GENEREX Germany. A path traversal vulnerability exists in GENEREX UPS Adapter CS141 versions prior to 1.90. The vulnerability stems from a failure of a networked system or product to properly filter special elements in t...
CVE-2020-11420
UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...
CVE-2020-11420
UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...
Directory traversal
UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...
CVE-2020-11420
CVE-2020-11420 affects GENEREX UPS Adapter CS141 prior to v1.90. Affected component: path handling in the CS141 web-facing interface which allows Directory Traversal. Attack scenario: an attacker with Admin or Engineer credentials can manipulate variables that reference files to access arbitrary ...
CVE-2020-11420
UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...